NOTE: please check the syllabus every week for updates!

Week 1:



OSS Chap 1

Butler Lampson. ProtectionACM SIGOPS Operating Systems Review, USA, 1974.

Week 2:

Access Control


OSS Chap 2

Week 3:



OSS Chap 3

F. J. Corbató, and V. A. Vyssotsky. Introduction and Overview of the Multics System. ACM Fall Joint Computer Conference, USA, 1965.

Paul Karger, and Roger Schell. Thirty Years Later: Lessons from the Multics Security Evaluation. Annual Computer Security Applications Conference (ACSAC 2002), USA, December 2002.

The PL/I Newsletter.

Assignment 1

Week 4:

Commodity OS


OSS Chap 4

Ben Fathi. What Really Happened with Vista: An Insider’s Retrospective. Medium, USA, 2018.

Week 5:

Security Goals


OSS Chap 5

Week 6:

Security Kernels


OSS Chap 6

Marcus Ranum. Building a secure operating system with Roger R. Schell. TechTarget, USA, 2017.

Week 7:

Linux Security Modules and SELinux


OSS Chap 7, 9

Chris Wright, Crispin Cowan, James Morris, Stephen Smalley, and Greg Kroah-Hartman. Linux Security Modules: General Security Support for the Linux Kernel. 11th USENIX Security Symposium (Security’02), Berkeley, CA, USA, August 2002.

Vinod Ganapathy, Trent Jaeger, and Somesh Jha. Automatic Placement of Authorization Hooks in the Linux Security Modules Framework. 12th ACM Conference on Computer and Communications Security (CCS’05), Virginia, USA, Nov. 2005.

Assignment 2

Week 8:

Capability Systems


OSS Chap 10


Week 9:

Trusted Computing


Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. Design and Implementation of a TCG-based Integrity Measurement Architecture. 13th USENIX Security Symposium (Security’04), San Diego, CA, USA, August 2004.

Week 10:

Trusted Execution Environment


Ahmad-Reza Sadeghi. Hardware-Assisted Security: From Trust Anchors to Meltdown of Trust. Chalmers Initiative Seminar: Digitalisation – Security & Privacy | Machine Intelligence, 2018 (Video).

Frank Mckeen. Intel Software Guard Extensions: Innovative Instructions for Next Generation Isolated Execution. Stanford Seminar – Intel Software Guard Extensions, USA, 2015 (Video).

Assignment 3

Week 11:

System Provenance


Adam Bates, Dave Tian, Kevin Butler, and Thomas Moyer. Trustworthy Whole-System Provenance for the Linux Kernel. 24th USENIX Security Symposium (Security’15), Washington, DC, USA, August 2015.

Week 12:

Peripheral Security


Dave (Jing) Tian, Grant Hernandez, Joseph Choi, Vanessa Frost, Peter Johnson, and Kevin Butler. LBM: A Security Framework for Peripherals within the Linux Kernel. 40th IEEE Symposium on Security and Privacy (Oakland’19), San Francisco, CA, May 2019.

A. Theodore Markettos, Colin Rothwell, Brett F. Gutstein, Allison Pearce, Peter G. Neumann, Simon W. Moore, and Robert N. M. Watson. Thunderclap: Exploring Vulnerabilities in Operating System IOMMU Protection via DMA from Untrustworthy Peripherals. 26th Annual Network and Distributed System Security Symposium (NDSS’19), San Diego, CA, Feb 2019.

Week 13:

Kernel Fuzzing


Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, and Thorsten Holz. kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels26th USENIX Security Symposium (Security’17), Vancouver, BC, Canada, August 2017.

Dokyung Song, Felicitas Hetzelt, Dipanjan Das, Chad Spensky, Yeoul Na, Stijn Volckaert, Giovanni Vigna, Christopher Kruegel, Jean-Pierre Seifert, and Michael Franz. PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary. 26th Annual Network and Distributed System Security Symposium (NDSS’19), San Diego, CA, Feb 2019.

Assignment 4

Week 14:

Formally Verified Kernel


Week 15:



Week 16:

Final Projects Presentation